Welcome to Breach Protection offered by Trustwave

Congratulations! You have taken the first step in
financially protecting your business against the costs incurred and
fines imposed in the event of a data security breach.
This site is a resource for you to learn more about Breach Protection. The process for submitting a reimbursement request is quick
and easy and we have provided you with the means to print out
your proof of account protection. The best way to protect your
business is to stay informed, so we're happy you're here.

What is Breach Protection?

Overview

Breach Protection is a new and unique expense reimbursement program acquired to reduce monetary exposure in the event
of a data compromise of a merchant account. Breach Protection is designed
specifically to meet the expenses resulting from a suspected or actual breach
of credit card data from a merchant account. The program is offered and
administered exclusively by RGS Limited, LLC
(www.royalgroupservices.com) and
funded by an insurance policy purchased from a financially strong insurance organization whose
insurance companies are rated "A" by independent third party rating agencies. Trustwave is bundling
Breach Protection with TrustKeeper,
our remote assessment and compliance solution, to create a comprehensive system designed to get
merchants PCI-DSS compliant and protect them from the potentially business-threatening costs of data breach.

Breach Protection Includes:

·

A mandatory forensic audit required by the Payment Card Industry Data Security Standard (PCI DSS) of a merchant when a data breach is suspected.

·

The data breach can be either a system/network breach or the physical theft of the credit card data from stolen receipts, stolen computers, skimming, or even employee theft.

All Level 2, 3 and 4 merchants regardless of their level of compliance with the standard.

Frequently Asked Questions

Why do I need Breach Protection?
If you suffer a suspected or actual data breach, you could incur thousands
upon thousands of dollars of unexpected costs in the form of audit expenses,
card monitoring and replacement expenses, and fines. These costs could
significantly affect revenue... and even jeopardize the existence of
your business. This inexpensive program reduces your monetary exposure
when a presumed or actual data compromise occurs, thus providing peace of mind!

Can any merchant qualify for Breach Protection?
Any Level 2, 3 or 4 merchant is eligible, provided they have not already
suffered a data compromise. Level 1 Merchants are not eligible for this program.

Must I be PCI DSS compliant in order to be eligible for Breach Protection?
No. However, if you experience a breach, you must become compliant before you
can participate in (or re-enter) the program.

I am a Level 4 merchant. Level 4 merchants aren't breached often are they?
Absolutely they are! In fact, industry experts report that Level 4 merchants are the source of 85% of identified data compromises. It makes sense—Level 3 and 4 merchants are more likely to have faulty or non-existent business procedures for preventing employee access to confidential data, leading to a much greater likelihood of data theft.

I don't store magnetic stripe data. Can I still have a data compromise?
Yes! While it is true that merchants that store magnetic stripe data are the
most vulnerable, there are a number of other risks. For example, missing or outdated security patches, using vendor supplied default settings and passwords, SQL injections by hackers, unnecessary and vulnerable services on your servers, stolen receipts, stolen computers, employee theft, and skimming can all lead to significant data compromises and subject you to audits, card replacement costs, and fines.

I am PCI DSS compliant. Do I still need Breach Protection?
Yes! Certification of PCI DSS compliance is not a guarantee that a breach will not occur.
The analogy that best describes the situation is this: "You can have the best alarm
system in the world, but it is useless if you don't turn it on." Also, the program
protects against employee theft and the physical theft of data. PCI DSS compliance alone
cannot prevent these losses.

How is a data compromise reported?
To report a data compromise you simply have to call the RGS Customer Service Department at (888) 545-7133 (Outside of North America: 1-248-918-4303). You will be asked to provide the following items: (1) the notice from the card brand or acquiring bank that stipulates there has been (or there is the suspicion of) a data breach at your covered location; (2) a copy of the invoice provided by the certified PCI DSS auditor; (3) a copy of the merchant agreement, and (4) contact name, email address and mailing address for the reimbursement to be sent.

If I do suffer a loss, how quickly will my claim be processed?
Quickly! Once the relevant documentation is provided, the requests for payments will be processed. Assuming that the documentation is in order, the request should be processed within thirty days.

For any expenses to be paid under Breach Protection,
those expenses must be assessed by the card association against the
merchant as a result of an incident. A qualifying "card association"
would be any one of the following entities formed to administer and promote
cards: MasterCard International, Inc., VISA U.S.A., Inc., VISA
International, Inc., Discover Financial Services, American Express,
JCB International Credit Card Company, Ltd. or any of the following
Debit Provider Networks: Exchange/Accel, Interlink, Maestro, NYCE,
Plus, PrestoLink, Shazam and STAR.

For hardware and software upgrade expenses to be paid under
Breach Protection, the upgrades must have been ordered by a
card association to avoid a PCI Assessment from being issued as the
result of an incident.

*The information provided in this FAQ is for general information
purposes only. For the complete terms and conditions of
Breach Protection please refer to the
Terms & Conditions

Program Questions

Please fill out the form below with any questions you may have regarding Breach Protection.

To report a data compromise, call the RGS Customer Service Department at (888) 545-7133.

The following items will be required: (1) the notice from the card brand or acquiring bank that stipulates there has been (or there is the suspicion of) a data breach at your covered location;
(2) a copy of the invoice provided by the certified PCI DSS auditor;
(3) a copy of the merchant agreement,and
(4) contact name, email address and mailing address for the reimbursement to be sent.

Print Evidence of Account Protection

Validate that you're enrolled.

Print your evidence of merchant account protection by submitting your merchant number below.
(Please wait... This may take several seconds)

Merchant Number:

About Trustwave

Trustwave® helps businesses fight cybercrime, protect data and
reduce security risk. With cloud and managed security services,
integrated technologies and a team of security experts, ethical
hackers and researchers, Trustwave enables businesses to transform
the way they manage their information security and compliance programs.
More than three million businesses are enrolled in the Trustwave
TrustKeeper® cloud platform, through which Trustwave
delivers automated, efficient and cost-effective threat, vulnerability
and compliance management. Trustwave is headquartered in Chicago, with
customers in 96 countries. For more information about Trustwave,
visit www.trustwave.com